Re: [Uta] Adoption call for draft-tschofenig-uta-tls13-profile-04

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Fri, 15 May 2020 11:38 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: Valery Smyslov <valery@smyslov.net>, "uta@ietf.org" <uta@ietf.org>
CC: "uta-chairs@ietf.org" <uta-chairs@ietf.org>, Thomas Fossati <Thomas.Fossati@arm.com>
Date: Fri, 15 May 2020 11:38:42 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/IBpRuEOayiMY4zbqKpWkeEUMIiY>

Thanks, Valery, for starting the call for adoption.

Let me provide a bit of context for those who weren't able to attend the virtual interim meeting*.

RFC 7925 provided profiles for IoT devices concerning the use of TLS and DTLS 1.2. These profiles are used today in deployments and other SDOs are referencing that RFC for their IoT protocol specifications.

While there were many aspects to consider in 1.2 there are far fewer in 1.3 because the TLS 1.3 specification was only finished mid 2018 and the DTLS 1.3 RFC is about to get finalized now. However, there are two areas where we definitely need to say something about 1.3 usage in IoT environments, namely
* Algorithm recommendations (because those are different than the algorithms used on the web), and
* the use of 0-RTT in IoT protocols like CoAP and MQTT.

In addition to those points there are some recommendations that would be helpful to cover in draft-tschofenig-uta-tls13-profile-04, which are relevant for 1.2 as well as 1.3, such as the use of alternative certificate formats (using CBOR encoding). This was a point raised by John. Other aspects include the use of CIDs and how they relate to CoAP and CoAP Observe, the use of "unlimited" certificate lifetime for certificates that are part of the root of trust on those devices, and there are more items in the slide deck*.

The participants at the call asked for the scope to be restricted to TLS/DTLS and not to focus on cTLS because it would otherwise take longer to complete this work.

I believe this work is useful for the IoT community since TLS/DTLS is used by all major IoT device management providers.

Ciao
Hannes

(*): Slides presented at the virtual interim meeting are here:
https://datatracker.ietf.org/meeting/interim-2020-uta-01/materials/slides-interim-2020-uta-01-sessa-tlsdtls-profiles-for-the-internet-of-things


-----Original Message-----
From: Valery Smyslov <valery@smyslov.net>
Sent: Friday, May 15, 2020 9:53 AM
To: uta@ietf.org
Cc: uta-chairs@ietf.org; Hannes Tschofenig <Hannes.Tschofenig@arm.com>; Thomas Fossati <Thomas.Fossati@arm.com>
Subject: Adoption call for draft-tschofenig-uta-tls13-profile-04

Hi,

during the last virtual interim meeting the draft-tschofenig-uta-tls13-profile-04 was discussed. The authors of the draft asked for its adoption by the WG and a quick poll during the meeting indicated that participants were in favor of the adoption.

This message starts a two-week call for adoption of the draft-tschofenig-uta-tls13-profile-04 draft to confirm the results we saw at the meeting.
The call will end on 30 May 2020. Please send your opinions to the list before this date.

Please if possible include any reasons supporting your opinion. If you support this adoption, please indicate whether you are ready to review this draft if it becomes a WG document.

Regards,
Leif & Valery.
